[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Mar 13 08:16:51 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
721c146c by Moritz Muehlenhoff at 2025-03-13T09:16:25+01:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,15 +31,15 @@ CVE-2025-1436 (The Limit Bio WordPress plugin through 1.0 does not have CSRF che
 CVE-2025-1401 (The WP Click Info WordPress plugin through 2.7.4 does not sanitise and ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1257 (An issue was discovered in GitLab EE affecting all versions starting w ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2025-1119 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-0652 (An issue has been discovered in GitLab EE/CE affecting all versions st ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-8402 (An issue was discovered in GitLab EE affecting all versions starting f ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2024-7296 (An issue was discovered in GitLab EE affecting all versions from 16.5  ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2024-13891 (The Schedule WordPress plugin through 1.0.0 does not sanitise and esca ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-13887 (The Business Directory Plugin \u2013 Easy Listing Directories for Word ...)
@@ -51,9 +51,9 @@ CVE-2024-13884 (The Limit Bio WordPress plugin through 1.0 does not sanitise and
 CVE-2024-13703 (The CRM and Lead Management by vcita plugin for WordPress is vulnerabl ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-13054 (An issue was discovered in GitLab CE/EE affecting all versions before  ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-12380 (An issue was discovered in GitLab EE/CE affecting all versions startin ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2020-36843 (The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0 ...)
 	TODO: check
 CVE-2025-2240 (A flaw was found in Smallrye, where smallrye-fault-tolerance is vulner ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/721c146c3307e4299e54009f908e002ae8571349

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/721c146c3307e4299e54009f908e002ae8571349
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250313/16d7eb84/attachment.htm>

More information about the debian-security-tracker-commits mailing list